45 matches found
CVE-2022-27442
TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information such as the administrator's user name and password...
EUVD-2021-23146
Malware in sbrugna...
EUVD-2021-23147
Malware in sbrugna...
EUVD-2022-31945
Malicious code in bioql PyPI...
EUVD-2022-33954
Malicious code in bioql PyPI...
EUVD-2022-31944
Malicious code in bioql PyPI...
CVE-2022-27441
A stored cross-site scripting XSS vulnerability in TPCMS v3.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Phone text box...
CVE-2022-29624
An arbitrary file upload vulnerability in the Add File function of TPCMS v3.2 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2021-36544
Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL...
CVE-2021-36545
Cross Site Scripting XSS vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfgcopyright or cfgtel field in Site Configuration page...
TPCMS Access Control Error Vulnerability (CNVD-2023-09604)
TPCMS is a source of happiness Source of Happiness individual developers of an open source content management system. An access control error vulnerability exists in TPCMS version 3.2. A remote attacker could exploit this vulnerability to obtain sensitive information via the application URL...
TPCMS Cross-Site Scripting Vulnerability (CNVD-2023-09603)
TPCMS is a source of happiness Source of Happiness individual developers of an open source content management system. A cross-site scripting vulnerability exists in TPCMS version 3.2. A remote attacker can exploit this vulnerability to run arbitrary code via the cfgcopyright or cfgtel fields in t...
CVE-2021-36545
Cross Site Scripting XSS vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfgcopyright or cfgtel field in Site Configuration page...
CVE-2021-36544
Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL...
CVE-2021-36544
Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL...
Improper access control
Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL...
Cross site scripting
Cross Site Scripting XSS vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfgcopyright or cfgtel field in Site Configuration page...
CVE-2021-36545
The CVE-2021-36545 entry refers to a Cross-Site Scripting (XSS) vulnerability in tpcms version 3.2 where the cfg_copyright and cfg_tel fields in the Site Configuration page can be exploited to run arbitrary code remotely. Affected software: tpcms 3.2; vulnerable component: Site Configuration inpu...
TPCMS 跨站脚本漏洞
TPCMS is a source of happiness Source of Happiness individual developers of an open source content management system. A cross-site scripting vulnerability exists in TPCMS version 3.2. A remote attacker can exploit this vulnerability to run arbitrary code via the cfgcopyright or cfgtel fields in t...
PT-2023-12288 · Tpcms · Tpcms
Name of the Vulnerable Software and Affected Versions: tpcms version 3.2 Description: A Cross Site Scripting XSS issue allows remote attackers to run arbitrary code via the cfg copyright or cfg tel field in the Site Configuration page. This enables attackers to execute malicious scripts on the...